It would seem that hackers today can do just about anything they want - from turning on the cellphone in your pocket to holding your life's work hostage. Cyber criminals today have more sophisticated tools, have learned to work collaboratively around the world and have found innovative ways to remain deep undercover in the internet's shadows. This episode, we shine a light into those shadows to see the world from the perspectives of both cybercrime victims and perpetrators.

First we meet mother-daughter duo Alina and Inna Simone, who tell us about being held hostage by criminals who have burrowed into their lives from half a world away. Along the way we learn about the legally sticky spot that unwitting accomplices like Will Wheeler find themselves in.

Then reporter and author Joseph Menn tells us about the surprisingly lucrative professional hacker structure in places throughout the former Soviet Union. Finally, the co-creator of one of the most notorious online marketplaces to ever exist speaks to us and NPR cyber-crime expert Dina Temple-Raston about how a young suburban Boy Scout can turn into a world-renowned black hat hacker.

Comments [41]

Mike W
from Ontario Canada

I had a zero day exploit of a flash player introduce the Cryptowall onto my machine during the summer. It didn't exhibit the same behaviour as it did for Alina exactly, but the same issue. Tor browser, pay via bitcoins and so on. I didn't have the money to do the bitcoin route and various sources said that if you did pay there was no guarantee the decrypt would occur. I lost about 100GB of photos and video, and docs. Ironically it occurred at the moment I had my backup drive connected so it started to erase it too. I watched file names change and pulled the plug and it saved it doing complete damage to it. Any of the suggested fixes for the earlier versions of cryptowall didn't work, not the lists of decryption keys that the Brits or Interpol had found, nothing. So I ended up wiping the machine after leaving it be shut down and offline for a few weeks. Horrible feeling. I hope no one goes through that. Always back your stuff up to the cloud or non connected drives and so on. You will regret it a lot otherwise.

Why were tools to recover infected computers not covered? Nor was any time put into simple prevention. For those in need, a computer that has been compromised by ransomware can be recovered for free using software developed by security specialists. http://www.zdnet.com/article/ransomware-rescue-kit-released-to-combat-criminal-enterprise/

I had to come and respond to the last comment, by Youssef, just in case someone is reading this and gets the wrong idea.

He got lucky - he had a less powerful version, or a copy-cat of CryptoWall.

I'll try and keep it short. CryptoWall started with basically version 1.0 - and though it made plenty of money for criminals, it was not perfect. People eventually learned how to restore the data, or even find the encryption key, which was stored locally sometimes. Version 2 was a bit more advanced, and now CryptoWall is up to 3.0, which is by far the most brutal.

Also, this virus has been edited and duplicated, sometimes not well, so there are a bunch of variants out there, some more well-made than others. There are also several spin-offs, like CryptoWall and the like. It's likely this is what Youssef was infected with.

I will return and explain a bit more.

Here's some advice:

BACKUP!!! But remove the drive after you backup, if you use an external. CW 3.0 is known to infect any attached devices, NAS devices or even networked computers.

If you see an unexpected major slow down with your PC, shut it down immediately. This is caused by the encryption process (and in some cases a failing hard drive; also a good time to shut it off and get it checked out).

If you see a link file (.html), picture (.jpg) or text file (.txt), titled "DECRYPT_INFO" or any of those types of files (usually small) with a name like that, you have been infected and the virus is in the process of encrypting your data. Shut down immediately.

I managed to find my way out of it without paying (it turns out they don't actually encrypt the files, they create an image of your file that seems encrypted, and they hide the actual file deep inside your system files), but it's unfortunate normal people have to be tortured like this.

I don't really have anything against people who do these cyber crimes. To be honest, they make me feel uneasy as to why they'd derive pleasure from such a thing. It's upsetting, but at the same time I am always aware not to be tribal and not let psychological biases come into play. People who do that sorta thing are people too, and maybe they're either in an unfortunate position, or they get exhilaration out of it, or they're exploiting the system (as in the monetary system) for personal gain, which I also have no problem with because after being aware of The Venus Project (a world without money, created by Jacque Fresco) I began to look at the world a lot differently than before.

I think vilifying these people is the most basic emotional protection you have against them, but it's actually counter intuitive to peace. So in a strange way, I sympathize with them.

I am appalled that there was absolutely no mention of prevention from ransomware. This is a national program, one which I do enjoy and have listened to many times, one that reaches many people. And yet they never once mentioned that an easy way around ransomware is a proper backup system. This show is supposed to be informative and I did like this episode. But it was a major oversight and pure lack of responsibility to not say anything, not even give a proper link in the description on how to stop these things. I work in IT, and I think many IT pros would agree that there are a lot of simple things the average user, even the most unintelligent user, could do to prevent malware, ransomware, viruses, etc. Instead Radiolab has left the listeners in a state of fear. Listeners probably think that if they are held ransom they have to pay. Some might not even realize they have a proper backup system and still pay. I understand principles of unbiased journalism, and I think Radiolab generally does this well. But this is such a clear case where ransomware is bad and preventable and you should have included some kind of education or public service announcement.

Absolutely love this episode and Radiolab in general. By far my favorite podcast, and best NPR program as well. Have now listened to all of the episodes, so have to wait to listen to a new episode each week. Thank you Radiolab for making such an inspiring and thought-provoking show.

Contrary to Dina Temple-Raston's description, contract killings could not be arranged through Silk Road 1.0. The Dread Pirate Roberts (creator of silk road) envisioned the site as an unregulated online marketplace for the exchange of goods, not services.

As always, an informative and entertaining episode of RadioLab! If you and/or your listeners are interested, I'd highly recommend reading Neal Stephenson's REAMDE. Though a work of fiction, it has as its central theme this very phenomenon.

Sigh. What the Cryptowall story lacked was any indication that Alina had taken steps to protect herself from a recurrence. Is she doomed to periodically pay ransom to get her files back forever? Or will she wise up and either update her OS or switch to something less vulnerable, like Linux?

As a Bitcoin fan, I feel that I need to talk about the horrible time she had obtaining bitcoins.

1. U.S. regulations make it cumbersome to buy and sell bitcoins because the government wants the ability to track how people use their money and Bitcoin is difficult to track.

2. U.S. payment systems are rife with fraud ranging from identity theft to chargeback fraud. Even though Bitcoin itself is immune to this fraud, bitcoin sellers have to deal with U.S. payment systems and they are particularly vulnerable. They need to be extra careful.

Not sure if people already know this, but the easiest way to stop this from happening (besides not clicking on everything) is to take your computer offline. This stops the encrypting. Then move all your files over to a flash drive or external and wipe everything.

Reid: "Programs exist that will backup changed files to an attached external hard drive or a hard drive on the network (you can buy one that hooks up easily) every hour or day."

Just make sure you do not back up the malware that encrypts your files on the hard drive. Have more than one external hard drive, and switch drives when you do a back up. Make sure the backup program backs up all of your files. When switching to this laptop I found the *&^%$#! program that came with the new hard drive did not back up my embroidery files, certain CAD files, and other specialized program data files. Fortunately I had them on an older external hard drive.

My laptop is nearing the end of its functionality (the video failed, so I have a monitor hooked up to its HDMI port, and fortunately the monitor has speakers because just today the laptop speakers failed). I just spent two days backing up and copying over twenty years of family pictures, video, Christmas letters, music files, email, and on and on... onto three different external hard drives.

Good episode. I wonder if Mrs. Simone remembers what she clicked on to get her computer infected. Would more effective antivirus software have prevented it? Finally, could she have reclaimed her files if she had tried to do a system restore in safe mode? As others have mentioned, a computer backup would have saved her time and money and grief.

Hackers & Crackers will inherit so much more global influence in the future. The ascension of hackers in our global civilization is inevitable. Every system can be compromised no matter how intricate the programming. Updates fix problems and form new vulnerabilities.

Hackers & Crackers should not be so harshly subjected by legal consequences. They are the innovators who have created and/or influenced the creation of almost all popular technologies (phones, computers, internet, smartphones, file sharing, etc). It is insane that the U.S. federal government and state governments give hackers very extensive sentences (25 to life in many cases) and rapists as well as other very violent criminals only get a few months or years.

Long live digital anonymity tools, decentralized systems, distributed ledgers, bitcoin, and all forms of computer hacking.

Shout-out to Radiolab for covering the same story and even using a virtually identical image to what I posted on my podcast on WGN Radio just over 3 weeks ago. Source: http://wgnradio.com/2015/08/30/cryptolocker-virus-cybersecurity/

Mrs. Simone had only herself to blame for being in the position of having to pay to get her files back. I'm not excusing the hackers of their misdeeds. They should be punished for their crimes.

But with that being said Mrs. Simone should have had a backup of her computer. Programs exist that will backup changed files to an attached external hard drive or a hard drive on the network (you can buy one that hooks up easily) every hour or day. Macs have this functionality built in. Or you can even have your files backed up to a service on the Internet. If she had done this she could have told the hackers where to go, wiped the computer clean, and restored from the backup. At most she would have been missing a few hours worth of changes. And this solution would have cost her much less than the $500 ransom.

It is important to note that she was lucky that her files were held for ransom because she was able to get her files back. A much more common problem that people face is that their hard drives fail. If Mrs. Simone had encountered this then her expenses would have been in the $1000s, the time would have been weeks, and she would have been lucky to get anything back. Every hard drive is going to fail. It's just whether it's going to fail before you are done with your computer or not. This is why you need to back up your files. And if she had done this then she would have been saved the money and the hassle of dealing with her ransomed files.

This goes to show that you should always know what you install and what you click on, but if you want to be really safe then follow Robert Morris's three golden rules to ensure computer security: 1. do not own a computer; 2. do not power it on; 3. and do not use it.